ConcordPacific
Beginner

RV220W Wireless-N Firewall rules

I want to deny all web traffic for certain IP addresses, except for some allowed web sites.

Can I set up the following firewall rules on the RV220W?

1. From Zone: LAN

    To Zone: WAN

    Service: HTTP

    Action: Always Block

    Source: 192.168.1.10 - 192.168.1.30

    Destination: Any

2. From Zone: LAN

    To Zone: WAN

    Service: HTTP

    Action: Always Allow

    Source: 192.168.1.10 - 192.168.1.30

    Destination: x.x.x.x (Allow IP address)

The rules above block the allowed web site. May I know why? Are there any other ways?

ACCEPTED SOLUTION

Hi,

If you changed the order and it is still not working, then maybe the IP address has changed for some reason.

Can you flush the DNS caches of your hosts (if they are Windows clients) with the ipconfig /flushdns command?

Then do an nslookup for this URL to verify the address.

Maybe you could filter by URL, or if you haven't got too many machines you could implement the hosts file trick, where you map the domain name of the site to 0.0.0.0 or 127.0.0.1 and then make that hosts file read-only.

Regards.

Alain.

Don't forget to rate helpful posts.

6 REPLIES
cadet alain
Advisor

Hi,

You should change the order of the rules, with the more specific ones first, because the rules are parsed sequentially and once a match is encountered the parsing ends.

Regards.

Alain.

Don't forget to rate helpful posts.

Hi Alain,

Thanks for your suggestion. I did try to change the firewall rule order, but I'm still blocked from accessing the allowed web site. Just to give you extra information, there is no way to change the order of the firewall rules. I have to delete the rule and re-create it. I just don't get why the access rule order is not working.

Moses

In the upcoming firmware there is a flawed solution for this.

You may page the rules in pages of 10 rules, but it is only possible to move a rule within a page, not between pages.

You specify a destination rule number and click a Move button.

How difficult is it to move the rule to the destination entry in the array and refresh the display?

I'll leave it to the reader to judge the quality of this kind of programming!

Hi Alain,

Thanks. I found out that the allowed website's IP address had changed, which is why I couldn't set up the rule correctly.

Moses

Hi,

You're welcome.

Alain.

Don't forget to rate helpful posts.
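
The two causes discussed in this thread, first-match rule ordering and an allow rule pinned to an IP address that has since changed, modelled as an added example (not code from any poster or from the router's firmware). The rule model, the default policy parameter and the 203.0.113.x destination addresses are constructed assumptions; the source range is the one from the question.

```python
import ipaddress
from dataclasses import dataclass

ip = ipaddress.ip_address

@dataclass
class Rule:
    action: str     # "allow" or "block"
    src_first: str  # first address of the LAN source range
    src_last: str   # last address of the LAN source range
    dst: str        # one destination IP, or "any"
    port: int = 80  # HTTP service

def evaluate(rules, src, dst, port=80, default="allow"):
    """First-match evaluation: return (action, index of the matching rule)."""
    for i, r in enumerate(rules):
        src_ok = ip(r.src_first) <= ip(src) <= ip(r.src_last)
        dst_ok = r.dst == "any" or ip(r.dst) == ip(dst)
        if src_ok and dst_ok and r.port == port:
            return r.action, i          # parsing ends at the first match
    return default, None                # assumed default outbound policy

def shadowed(rules):
    """Indexes of rules that can never match because an earlier rule
    already covers their whole source range, destination and port."""
    hidden = []
    for j, later in enumerate(rules):
        for earlier in rules[:j]:
            src_cov = (ip(earlier.src_first) <= ip(later.src_first)
                       and ip(later.src_last) <= ip(earlier.src_last))
            dst_cov = earlier.dst == "any" or earlier.dst == later.dst
            if src_cov and dst_cov and earlier.port == later.port:
                hidden.append(j)
                break
    return hidden

# Constructed sample data: the address the allow rule was written for,
# and the address the site resolves to after it moved.
SITE_OLD, SITE_NEW = "203.0.113.10", "203.0.113.25"
block_all = Rule("block", "192.168.1.10", "192.168.1.30", "any")
allow_site = Rule("allow", "192.168.1.10", "192.168.1.30", SITE_OLD)
posted_order = [block_all, allow_site]   # order from the question
fixed_order = [allow_site, block_all]    # specific rule first

if __name__ == "__main__":
    client = "192.168.1.15"
    print("posted order:", evaluate(posted_order, client, SITE_OLD))
    print("fixed order: ", evaluate(fixed_order, client, SITE_OLD))
    print("site moved:  ", evaluate(fixed_order, client, SITE_NEW))
    print("shadowed rules in posted order:", shadowed(posted_order))
```

With the rules in the corrected order, a request to the site's new address still falls through to the block rule, which is why re-checking the address with nslookup was the step that resolved the thread.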